Hi Guys,

I’ve set up a windows VPN on a server running XP. I can connect using the internal ip address within the network. Im trying to set it up so i can access the computer anywhere over the internet. The problem is i have a Belkin N1 Router (the older one) and im trying to forward my external IP address to the internal computer ip address. What ports need to be open on the router? I understand how to use the router to forward the traffic but stuck on the ports?

Any help would be much apprichiated.

You may be able to get away with just 1723 TCP.
If that doesn’t work then also enable 500 UDP for ISAKMP.

I tried this. It did not work. I do not know why.

HTH.

pptn/l2tp ports

check the firewall settings in the router.

I know a bit about VPL and the avoidance thereof if that’s any good to you.

Thanks for the advice guys but even though I open 1723 and 500 on the router on the virtual server forwarding settings, it still wont work!?

You will need to check if your router is compatible with passing VPN traffic through. I can’t remember offhand what happens but if the router messes with the packets in the wrong way as they pass through then the VPN will fail.

Sanj,

Im not an expert but try the below. Your post is a little confusing. Are you using a Server (as in the true sense of the word like 2003 or 2008, with an XP client) or using purely just the XP client for the VPN session?

You can test your ports if they are open and enabled and working using the below online tool. Run the tool from the problem PC (assuming you have worknig internet on this?)

http://www.t1shopper.com/tools/port-scan/#

There may be a possiblity that your ISP may also be blocking these (as some do like port 21 FTP).

How is you internal PC being seen by the outside insternet for VPN purposes? Are you using a dynamic DNS service?

Sorry for the confusing post, I’m still new! Well the server is an XP based system i.e client. Basically I want to access the resources from virtually anywhere with a internet connection and VPN. I have correctly created the VPN on the server. So in other words internally on my network i can use another machine creating a VPN connection into the server at 192.168.2.113. I know my static IP address of my Internet connection. In the belkin router config page you can use the virtual server to port forward. I used to have this set up with my Ubuntu machine for SSH and FTP as well as HTTP. Now I’m trying to get this to forward my VPN session.

Amy i barking up the wrong tree is there any other options to access this machine from anywhere?

Thanks guys I really appreciate it!

I’m not familiar with VPN on XP but if it were me I would say you need to forward the address 192.168.2.113:1723 on your router (which I understand you’ve done)

I would also say you need some kind of Dynamic DNS service like http://www.dyndns.com or http://www.no-ip.org to setup a free dns host name to make you private server/client pc visible to the outside world. This will then forward requests from the internet to a speicifed port number (in this case port: 1723) to the private ip address of your VPN server (192.168.2.113). So in a nutshell you set up a free host name for your PC (example: sanjvpn.no-ip.org) when external internet clients request this address with the specified port number (example: sanjvpn,no-ip.com:1723 they will be directed to the private address (192.168.2.113:1723) you have confirgured in port forwarding/virtual server settings on your router). This should then initiate the VPN.

You still need to test and confirm your ports are open and ready from the online tests though, otherwise you are just wasting your time.

A bit long but hopefully may help?

Amy i barking up the wrong tree is there any other options to access this machine from anywhere?

Try LogMeIn Free. As with all of this free stuff just watch as you install to make sure you keep installing the free version rather than the trial of the Pro version.

But if you want to persevere then the internet says that yes there is a problem with your router and VPN but the upgraded firmware should make it work so go check the firmware on your router as the ports you have opened appear to be correct.

Right, you need to check the logs on your router.
Is it blocking some inbound packets when you try and connect?

I assume you can connect locally? i.e. inside the router? To the local private address.

If it works fine internally then try from outside and then check the router logs. Obviously you’re looking to see what traffic gets blocked if any.

You might want to try some low level tests too, see if you get a response when you telnet to your server on port 1723.

i.e. from a command line, telnet 1.1.1.1 1723 (obviously 1.1.1.1 will be whatever your public address is)

If it were me and I were looking to connect to a windows machine remotely, I’d use the built in VPN on the router, which will be an IPSEC one. If it didn’t have one, I’d get a new router.